I would open an SR asking oracle if it is a supported configuration. In
theory you can use udev ( for giving the device the correct uid and gid )
and install ASM avoiding asm filter or asm lib . I would create my dm-crypt
device and i would try to install a grid upon them . But even if it works
, passing the proper device name to asm, you have no guarantees that it
will continue to work. If it is something that oracle supports, ok. But if
it is not supported what do you do if . it works for a week or 2
monthes and then it stops working ? . we did, many times ago a similar
"path" for cost saving , but the situation was different. we were on
single instances, on a filesystem and the filesystem vendor certified the
solution so it was transparent from an oracle point of view . You can try
to create a test rac on dm-crypt but even if it works you take a great
responsability in telling a customer, ok , let's do this ...
Il giorno mer 17 mag 2023 alle ore 16:05 Niklas Iveslatt <
dmarc-noreply@xxxxxxxxxxxxx> ha scritto:
This one might have some useful info?
https://docs.oracle.com/en/learn/ol-luks/index.html#introduction
Niklas Iveslatt
Senior Partner
Arisant LLC ~ http://www.arisant.com
44 Inverness Dr. E Bldg. C Suite 2 ~ Englewood, CO 80112
mobile: 303.882.4461 ~ main: 303.330.4065 ~ fax: 888.889.0155
Need to send me something securely? *Click here*
<https://arisant.sendsafely.com/u/niklas.iveslatt>
On Wed, May 17, 2023 at 6:22 AM Tim Gorman <tim.evdbt@xxxxxxxxx> wrote:
Friends and colleagues,
I have a customer who wishes to use Linux DM-CRYPT to encrypt all
filesystem contents on their Linux systems. They wish for DM-CRYPT to also
cover their Oracle database files on ASM which they note uses "raw" block
devices not based on any filesystem, which they feel leaves them choosing
between using DM-CRYPT and ASM.
Yes, we've discussed Oracle TDE, and they prefer not to use it. That
conversation is a dead end.
I know that it is possible to pre-create empty files on remote NFS
filesystems and then use those as disk files for ASM, instead of block
devices, as described in Oracle Support note #731775.1 (entitled "*How
To Create ASM Diskgroups using NFS/NAS Files*
<https://support.oracle.com/epmos/faces/DocumentDisplay?id=731775.1>").
However, I can't find a similar support article describing the same method
for local filesystems.
Has anyone found such a support article, or perhaps use local filesystem
files as ASM disk?
Please let me know what you think?
Thanks!
-Tim
